curl / Mailing Lists / curl-library / Single Mail


libcurl truncating long cookies?

From: Kevin Smith via curl-library <>
Date: Fri, 8 Sep 2017 16:26:07 -0700

Hey, I am looking at an issue with libcurl where it seems that very long
cookies are getting truncated. I see that in lib/cookie.h there are these
two values: #define MAX_COOKIE_LINE 5000 and #define MAX_COOKIE_LINE_TXT
"4999" I am seeing if I get back a cookie of length more than 5000 that
libcurl is storing that cookie at the truncated value. Looking into RFC
2109 ( section 6.3 I see this line
"The information in a Set-Cookie response header must be retained in its
entirety. If for some reason there is inadequate space to store the
cookie, it must be discarded, not truncated." I am using libcurl 7.49.1
and I am seeing that cookies seem to get truncated when they are too long
instead of discarded, is this expected? Or has it been fixed in a later

Received on 2017-09-09